Explorar o código

fix: unescaped code in markdown preview panel

NGPixel %!s(int64=5) %!d(string=hai) anos
pai
achega
18b2f60b84
Modificáronse 1 ficheiros con 1 adicións e 1 borrados
  1. 1 1
      client/components/editor/editor-markdown.vue

+ 1 - 1
client/components/editor/editor-markdown.vue

@@ -243,7 +243,7 @@ const md = new MarkdownIt({
   linkify: true,
   typography: true,
   highlight(str, lang) {
-    return `<pre class="line-numbers"><code class="language-${lang}">${str}</code></pre>`
+    return `<pre class="line-numbers"><code class="language-${lang}">${_.escape(str)}</code></pre>`
   }
 })
   .use(mdAttrs, {